59.89.121.15
As of: Jan 14, 2025 3:16am UTC |
Latest
{
"ip": "59.89.121.15",
"services": [
{
"_decoded": "ftp",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "220 harpal s takkapur 155 FTP server (MikroTik 6.46.8) ready\r\n",
"banner_hashes": [
"sha256:3d72058945ff4f4c8de2e4d918d3bac787447b8e74d22d468c6f6dc350890da0"
],
"banner_hex": "3232302068617270616c20732074616b6b6170757220313535204654502073657276657220284d696b726f54696b20362e34362e38292072656164790d0a",
"discovery_method": "PREDICTIVE_METHOD_7",
"extended_service_name": "FTP",
"ftp": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"auth_tls_response": "DISPLAY_UTF8",
"auth_ssl_response": "DISPLAY_UTF8"
},
"banner": "220 harpal s takkapur 155 FTP server (MikroTik 6.46.8) ready\r\n",
"auth_tls_response": "500 'AUTH': command not understood\r\n",
"auth_ssl_response": "500 'AUTH': command not understood\r\n",
"status_code": 220,
"status_meaning": "Service ready for new user.",
"implicit_tls": false
},
"labels": [
"file-sharing",
"network.device"
],
"observed_at": "2025-01-13T01:17:45.848248433Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 21,
"service_name": "FTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:mikrotik:routeros:6.46.8:*:*:*:*:*:*:*",
"part": "o",
"vendor": "MikroTik",
"product": "RouterOS",
"version": "6.46.8",
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "199.45.154.137",
"transport_fingerprint": {
"raw": "14280,64,true,MSTNW,1440,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 200 OK\r\nConnection: Keep-Alive\r\nContent-Length: 7040\r\nContent-Type: text/html\r\nDate: <REDACTED>\r\nExpires: 0\r\n",
"banner_hashes": [
"sha256:f9899359f7a2b4394c1a8b0bdde5685c4e9cd164c9f32f704647277f1c6a96d1"
],
"banner_hex": "485454502f312e3120323030204f4b0d0a436f6e6e656374696f6e3a204b6565702d416c6976650d0a436f6e74656e742d4c656e6774683a20373034300d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a446174653a20203c52454441435445443e0d0a457870697265733a20300d0a",
"discovery_method": "PREDICTIVE_METHOD_7",
"extended_service_name": "HTTP",
"http": {
"request": {
"method": "GET",
"uri": "http://59.89.121.15/",
"headers": {
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
],
"_encoding": {
"User_Agent": "DISPLAY_UTF8",
"Accept": "DISPLAY_UTF8"
},
"Accept": [
"*/*"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 200,
"status_reason": "OK",
"headers": {
"Date": [
"<REDACTED>"
],
"_encoding": {
"Date": "DISPLAY_UTF8",
"Content_Length": "DISPLAY_UTF8",
"Expires": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"Connection": "DISPLAY_UTF8"
},
"Content_Length": [
"7040"
],
"Expires": [
"0"
],
"Content_Type": [
"text/html"
],
"Connection": [
"Keep-Alive"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>RouterOS router configuration page</title>",
"<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />"
],
"body_size": 7040,
"body": "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\r\n<link rel=\"icon\" href=\"/favicon.png\"/>\r\n<title>RouterOS router configuration page</title>\r\n<style type=\"text/css\">\r\nbody {\r\nfont-family: Verdana, Geneva, sans-serif;\r\nfont-size: 11px;\r\n}\r\nimg {border: none}\r\nimg:hover {opacity: 0.8;}\r\nh1 {\r\nfont-size: 1.7em;\r\ndisplay: inline;\r\nmargin-bottom: 10px;\r\n}\r\nfieldset {\r\nmargin-top: 20px;\r\nbackground: #fff;\r\npadding: 20px;\r\nborder: 1px solid #c1c1c1; \r\n}\r\n#container {\r\nwidth: 70%;\r\nmargin: 10% auto;\r\n}\r\n#box {\r\nbackground-color: #fff; \r\n-moz-border-radius: 7px; \r\n-webkit-border-radius: 7px; \r\nborder: 1px solid #c1c1c1; \r\npadding: 30px;\r\nfilter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffff', endColorstr='#f3f3f3'); /* for IE */\r\nbackground: -webkit-gradient(linear, left top, left bottom, from(#fff), to(#f3f3f3)); /* for webkit browsers */\r\nbackground: -moz-linear-gradient(top, #fff, #f3f3f3); /* for firefox 3.6+ */\r\n}\r\n.floater {float: left; margin-right: 10px;}\r\n.floater label {display: block; text-align: center;}\r\n\r\n#login {\r\n margin: 2em 0 4em 0;\r\n}\r\n#login h2 {\r\n font-weight: normal;\r\n font-size: 14px;\r\n margin: 0 0 0.5em 1em;\r\n}\r\n#login td {\r\n padding: 0 4px 0 0;\r\n}\r\n#login td.label {\r\n text-align: right;\r\n}\r\n#login td.toolbar {\r\n padding: 0 0 0 1em;\r\n vertical-align: top;\r\n}\r\n#login ul.toolbar {\r\n margin: 0;\r\n}\r\n#login input {\r\n margin: 2px;\r\n padding: 2px;\r\n border: 1px solid #888;\r\n box-shadow: 1px 1px 3px rgba(0,0,0,0.3);\r\n -webkit-box-shadow: 1px 1px 3px rgba(0,0,0,0.3);\r\n -moz-box-shadow: 1px 1px 3px rgba(0,0,0,0.3);\r\n}\r\n#error {\r\n display:none;\r\n color:red;\r\n padding: 1em 0 0 0;\r\n}\r\nul.toolbar {\r\n font-size: 11px;\r\n text-align: left;\r\n list-style-type: none;\r\n padding: 0;\r\n margin: 2px 0 4px 2px;\r\n}\r\nul.toolbar li {\r\n float: left;\r\n vertical-align: middle;\r\n}\r\nul.toolbar a {\r\n float: none;\r\n display: block;\r\n margin: 2px 4px 2px 0;\r\n padding: 5px;\r\n\r\n background: #ddd;\r\n border: 1px solid #888;\r\n border-radius: 3px;\r\n -moz-border-radius: 3px;\r\n box-shadow:\r\n 1px 1px 2px rgba(255,255,255,0.8) inset,\r\n\t0 10px 10px -5px rgba(255,255,255,0.5) inset, /* top gradient */\r\n\t1px 1px 2px rgba(0,0,0,0.2); /* shadow */\r\n -webkit-box-shadow:\r\n 1px 1px 2px rgba(255,255,255,0.8) inset,\r\n\t0 10px 10px -5px rgba(255,255,255,0.5) inset,\r\n\t1px 1px 2px rgba(0,0,0,0.2);\r\n -moz-box-shadow:\r\n 1px 1px 2px rgba(255,255,255,0.8) inset,\r\n\t0 10px 10px -5px rgba(255,255,255,0.5) inset,\r\n\t1px 1px 2px rgba(0,0,0,0.2);\r\n color: #000;\r\n\r\n text-decoration: none;\r\n text-align: center;\r\n white-space: nowrap;\r\n cursor: inherit;\r\n min-width: 4em;\r\n\r\n -webkit-transition: background 0.2s linear, box-shadow 0.2s ease-out;\r\n -moz-transition: background 0.2s linear, box-shadow 0.2s ease-out;\r\n}\r\nul.toolbar a:hover {\r\n background: #eee;\r\n}\r\nul.toolbar a:active {\r\n background: #aaa;\r\n box-shadow: 1px 1px 2px #999 inset;\r\n -webkit-box-shadow: 1px 1px 2px #999 inset;\r\n -moz-box-shadow: 1px 1px 2px #999 inset;\r\n}\r\n</style>\r\n<script>\r\nfunction get(id) {\r\n return document.getElementById(id);\r\n}\r\nfunction trim(str) {\r\n return str.replace(/^\\s+|\\s+$/g, '');\r\n}\r\nfunction login(user, pwd, autologin) {\r\n var expires = new Date();\r\n expires.setTime(expires.getTime() + (30 * 24 * 60 * 60 * 1000));\r\n document.cookie = 'username=' + user +\r\n '; expires=' + expires.toGMTString() + '; path=/';\r\n\r\n window.name = (autologin ? 'autologin=' : 'login=') + user + '|' + pwd;\r\n window.location.replace('/webfig/' + window.location.hash);\r\n}\r\nfunction dologin() {\r\n login(get('name').value, get('password').value);\r\n}\r\nfunction loaded() {\r\n var p = window.name.split('=');\r\n if (p[0] == 'error' && p[1]) {\r\n var err = get('error');\r\n err.appendChild(document.createTextNode(p[1]));\r\n err.style.display = 'block';\r\n } else if (p[0] != 'noautologin' || p[1] != 1) {\r\n var user = '';\r\n if (user) {\r\n login(user, '', true);\r\n return;\r\n }\r\n }\r\n window.name = '';\r\n\r\n document.onkeydown = function(e) {\r\n e = e || event;\r\n if (e.keyCode == 13) {\r\n dologin();\r\n return false;\r\n }\r\n return true;\r\n };\r\n\r\n var username = null;\r\n var cookies = document.cookie.split(';');\r\n for (var i in cookies) {\r\n\tvar c = trim(cookies[i]).split('=');\r\n\tif (c[0] == 'username') {\r\n\t username = c[1];\r\n\t break;\r\n\t}\r\n }\r\n \r\n if (username != null) {\r\n\tget('name').value = username;\r\n\tget('password').focus();\r\n } else {\r\n get('name').value = 'admin';\r\n\tget('name').focus();\r\n }\r\n}\r\n</script>\r\n</head>\r\n\r\n<body onload=\"loaded()\">\r\n\r\n<div id=\"container\">\r\n\r\n <div id=\"box\">\r\n <a href=\"http://mikrotik.com\"><img src=\"mikrotik_logo.png\" style=\"float: right;\" /></a>\r\n\r\n <br style=\"clear: both;\"/>\r\n \r\n\t\t<h1>RouterOS v6.46.8</h1>\r\n \r\n <p>You have connected to a router. Administrative access only. If this device is not in your possession, please contact your local network administrator. </p>\r\n \r\n <table id=\"login\">\r\n\t<tr><td colspan=\"3\"><h2>WebFig Login:</h2>\r\n <tr><td class=\"label\">Login: <td><input id=\"name\" type=\"text\" tabindex=\"1\">\r\n\t <td class=\"toolbar\" rowspan=\"2\">\r\n <ul class=\"toolbar\">\r\n\t <li><a onclick=\"dologin()\" ondragstart=\"return false;\"><span>Login</span></a></li>\r\n </ul>\r\n <tr><td class=\"label\">Password: <td><input id=\"password\" type=\"password\" tabindex=\"2\">\r\n\t<tr><td colspan=\"3\">\r\n\t <div id=\"error\"></div>\r\n </table>\r\n \r\n <fieldset>\r\n <div class=\"floater\"> \r\n \t<a href=\"https://mt.lv/winbox\"><img src=\"winbox.png\"/></a><br/>\r\n <label>Winbox</label>\r\n </div>\r\n \r\n <div class=\"floater\"> \r\n \t<a href=\"telnet://59.89.121.15\"><img src=\"console.png\"/></a><br/>\r\n <label>Telnet</label>\r\n </div>\r\n\r\n \r\n \r\n <div class=\"floater\"> \r\n \t<a href=\"/graphs\"><img src=\"green.png\"/></a><br/>\r\n <label>Graphs</label>\r\n </div>\r\n \r\n \r\n <div class=\"floater\"> \r\n \t<a href=\"/help/license.html\"><img src=\"license.png\"/></a><br/>\r\n <label>License</label>\r\n </div>\r\n \r\n\t\t\t<div class=\"floater\"> \r\n \t<a href=\"http://wiki.mikrotik.com\"><img src=\"help.png\"/></a><br/>\r\n <label>Help</label>\r\n </div>\r\n\r\n</fieldset>\r\n \r\n <br style=\"clear: both\"/> \r\n <div style=\"float: right\">© mikrotik</div>\r\n\r\n </div>\r\n</div>\r\n\r\n</div>\r\n\r\n</body>\r\n</html>\r\n",
"favicons": [
{
"size": 1630,
"name": "http://59.89.121.15/favicon.png",
"md5_hash": "77b2f4c09890ab658a72c4bad8c1077b",
"hashes": [
"md5:77b2f4c09890ab658a72c4bad8c1077b",
"sha256:02ef1b5c8e078a00d7feea791bf9ca3b9d6f96afd0b583974d4603acfdacddc6"
],
"shodan_hash": 1924358485
}
],
"body_hashes": [
"sha256:12cf2007b8ff952637855ca30daa63d7497b0cd6ebc62879b704e9eb028f5fae",
"sha1:fdea3732e834b0917291f7e093463690c38276ba"
],
"body_hash": "sha1:fdea3732e834b0917291f7e093463690c38276ba",
"html_title": "RouterOS router configuration page"
},
"supports_http2": false
},
"labels": [
"login-page",
"network.device"
],
"observed_at": "2025-01-13T01:15:37.850454521Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 80,
"service_name": "HTTP",
"software": [
{
"part": "h",
"vendor": "MikroTik",
"other": {
"device": "Router"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "MikroTik",
"product": "RouterOS",
"other": {
"device": "Router"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.146.48",
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nAccept-Ranges: bytes\r\nETag: \"2570370092\"\r\nLast-Modified: Fri, 02 Dec 2022 15:53:41 GMT\r\nContent-Length: 1616\r\nDate: <REDACTED>\r\nServer: lighttpd/1.4.54\r\n",
"banner_hashes": [
"sha256:8895e6fb337b65c542ad6d06cc43e2da81423818f90b8e27c287ab90f44f714d"
],
"banner_hex": "485454502f312e3120323030204f4b0d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a4163636570742d52616e6765733a2062797465730d0a455461673a202232353730333730303932220d0a4c6173742d4d6f6469666965643a204672692c2030322044656320323032322031353a35333a343120474d540d0a436f6e74656e742d4c656e6774683a20313631360d0a446174653a20203c52454441435445443e0d0a5365727665723a206c696768747470642f312e342e35340d0a",
"certificate": "cfa2fc59d258027f79331f438d9c4dffaddc261f1c10f92b7f612e09f2d3cecf",
"discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
"extended_service_name": "HTTPS",
"http": {
"request": {
"method": "GET",
"uri": "https://59.89.121.15/",
"headers": {
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
],
"_encoding": {
"User_Agent": "DISPLAY_UTF8",
"Accept": "DISPLAY_UTF8"
},
"Accept": [
"*/*"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 200,
"status_reason": "OK",
"headers": {
"Server": [
"lighttpd/1.4.54"
],
"_encoding": {
"Server": "DISPLAY_UTF8",
"Content_Length": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"Accept_Ranges": "DISPLAY_UTF8",
"Date": "DISPLAY_UTF8",
"ETag": "DISPLAY_UTF8",
"Last_Modified": "DISPLAY_UTF8"
},
"Content_Length": [
"1616"
],
"Content_Type": [
"text/html"
],
"Accept_Ranges": [
"bytes"
],
"Date": [
"<REDACTED>"
],
"ETag": [
"\"2570370092\""
],
"Last_Modified": [
"Fri, 02 Dec 2022 15:53:41 GMT"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>Ubiquiti</title>",
"<meta charset=\"utf-8\"/>",
"<meta http-equiv=\"X-UA-Compatible\" content=\"IE=Edge;chrome=1\"/>",
"<meta name=\"viewport\" content=\"width=device-width,initial-scale=1,maximum-scale=1\">",
"<meta http-equiv=\"Pragma\" content=\"no-cache\">",
"<meta http-equiv=\"Expires\" content=\"0\">",
"<meta http-equiv=\"Cache-Control\" content=\"no-cache\">"
],
"body_size": 1616,
"body": "<!doctype html> <!--[if IE 9 ]><html class=\"ie9\"> <![endif]--> <!--[if (gt IE 9)|!(IE)]><!--> <html> <!--<![endif]--> <head> <meta charset=\"utf-8\"/> <meta http-equiv=\"X-UA-Compatible\" content=\"IE=Edge;chrome=1\"/> <meta name=\"viewport\" content=\"width=device-width,initial-scale=1,maximum-scale=1\"> <meta http-equiv=\"Pragma\" content=\"no-cache\"> <meta http-equiv=\"Expires\" content=\"0\"> <meta http-equiv=\"Cache-Control\" content=\"no-cache\"> <title>Ubiquiti</title> <link rel=\"icon\" href=\"/favicon.ico\"><link href=\"/vendors.chunk.dc42933d.css\" rel=\"stylesheet\"><link href=\"/main.341a0a37.css\" rel=\"stylesheet\"></head> <body> <div id=\"main_region\"></div> <div id=\"dialog_region\"></div> <div id=\"dynamic_dialogs\"></div> <noscript><div class=\"browser_warning_wrapper\"><div class=\"browser_warning\">Please enable Javascript in your browser.</div></div></noscript> <div id=\"browser-no-storage\" class=\"browser_warning_wrapper\" style=\"display:none\"><div class=\"browser_warning\">Cannot access session storage. Please make sure cookies are enabled in your browser.</div></div> <div id=\"browser-old\" class=\"browser_warning_wrapper\" style=\"display:none\"><div class=\"browser_warning\">Unsupported browser detected. Please upgrade your browser.</div></div> <script>try{sessionStorage.setItem(\"storage-test\",\"test\"),sessionStorage.removeItem(\"storage-test\")}catch(e){document.getElementById(\"browser-no-storage\").style.display=\"block\"}document.querySelector||(document.getElementById(\"browser-old\").style.display=\"block\")</script> <script src=\"/vendors.chunk.dc42933d.js\"></script><script src=\"/main.341a0a37.js\"></script></body> </html> ",
"favicons": [
{
"size": 3638,
"name": "https://59.89.121.15/favicon.ico",
"md5_hash": "255b6fcbcb463e11ed763b2b892a2965",
"hashes": [
"md5:255b6fcbcb463e11ed763b2b892a2965",
"sha256:51c056c1b257ad6e0d44560550b30a0eceb08022e9314c077161d3200b0bd4be"
],
"shodan_hash": -1446794564
}
],
"body_hashes": [
"sha256:c4da6ca3a51e551442904eaa15153e9d3c5b5e1a28f426baaa15b77fec5e75c7",
"sha1:efe134a5c43ce414d16c1aba6541f6f4de9ecb52"
],
"body_hash": "sha1:efe134a5c43ce414d16c1aba6541f6f4de9ecb52",
"html_title": "Ubiquiti"
},
"supports_http2": false
},
"observed_at": "2025-01-12T18:47:44.297829505Z",
"pending_removal_since": "2025-01-14T03:16:21.559317941Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 443,
"service_name": "HTTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:lighttpd:lighttpd:1.4.54:*:*:*:*:*:*:*",
"part": "a",
"vendor": "lighttpd",
"product": "lighttpd",
"version": "1.4.54",
"other": {
"family": "lighttpd"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"part": "h",
"vendor": "Ubiquiti",
"other": {
"device": "WAP"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.146.59",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "cfa2fc59d258027f79331f438d9c4dffaddc261f1c10f92b7f612e09f2d3cecf",
"leaf_data": {
"names": [
"UBNT-F4:92:BF:4C:E4:31"
],
"subject_dn": "C=US, ST=CA, L=San Jose, O=Ubiquiti Networks Inc., OU=Technical Support, CN=UBNT-F4:92:BF:4C:E4:31, [email protected]",
"issuer_dn": "C=US, ST=CA, L=San Jose, O=Ubiquiti Networks Inc., OU=Technical Support, CN=UBNT-F4:92:BF:4C:E4:31, [email protected]",
"pubkey_bit_size": 2048,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "ad7399acc4602742d1731c4e40874c5705879ae5182aa19304f8bb40b93b960a",
"fingerprint": "cfa2fc59d258027f79331f438d9c4dffaddc261f1c10f92b7f612e09f2d3cecf",
"issuer": {
"common_name": [
"UBNT-F4:92:BF:4C:E4:31"
],
"locality": [
"San Jose"
],
"organization": [
"Ubiquiti Networks Inc."
],
"organizational_unit": [
"Technical Support"
],
"province": [
"CA"
],
"country": [
"US"
],
"email_address": [
"[email protected]"
]
},
"subject": {
"common_name": [
"UBNT-F4:92:BF:4C:E4:31"
],
"locality": [
"San Jose"
],
"organization": [
"Ubiquiti Networks Inc."
],
"organizational_unit": [
"Technical Support"
],
"province": [
"CA"
],
"country": [
"US"
],
"email_address": [
"[email protected]"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "wfrcjPgcEw1GR8C2VuKZrKH+8TDLs3YP7WhhsZ9WIA2Bh7YbPXhvPGFFNwobU7uJ4v6FZnp1yPCsqDOzIp3yIfIt3LCocdahZ8GYgw+NjiCNv52PKfq0PXvwBGdBnq0FS9gLKMdOcPOw15wtLhlIOgbgYEhVkTCvvgKGCzsUAUiA7q2sCXOY+XRpahCmB6oAXcTYPOhOt2nNFE9H/DDJXmqyxRypdjLhPrsWvHabk/36sEgxyc3oWbW/xPiaTbsHJB8zy0a8D/pU6GOorBg6P5dO5mtS+bxeZCtctzdTyU+aTQ+aJP5+bqp7qhe0vwbWg6nTBDdTPRjUzCoURymP+Q==",
"exponent": "AAEAAQ==",
"length": 256
},
"fingerprint": "5441dadedbd0bef5a30ba5adc9daab23177450f0583222aa5a64c549b6d732f7"
},
"signature": {
"self_signed": true,
"signature_algorithm": "SHA256-RSA"
}
}
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036",
"ja4s": "t130200_1302_a56c5b993250",
"versions": [
{
"tls_version": "TLSv1_3",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036",
"ja4s": "t130200_1302_a56c5b993250"
},
{
"tls_version": "TLSv1_2",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "0debd3853f330c574b05e0b6d882dc27",
"ja4s": "t120200_c030_344b4dce5a52"
},
{
"tls_version": "TLSv1_1",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "ce815ab6e37127ab1cb9fe33d3ba250d",
"ja4s": "t110200_c014_344b4dce5a52"
},
{
"tls_version": "TLSv1_0",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "623de93db17d313345d7ea481e7443cf",
"ja4s": "t100200_c014_344b4dce5a52"
}
]
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "banner_grab",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "\u0001\u0000\u0000\u0000",
"banner_hashes": [
"sha256:67abdd721024f0ff4e0b3f4c2fc13bc5bad42d0b7851d456d88d203d15aaa450"
],
"banner_hex": "01000000",
"discovery_method": "PREDICTIVE_METHOD_7",
"extended_service_name": "MIKROTIK_BW",
"observed_at": "2025-01-13T10:34:12.036010848Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 2000,
"service_name": "MIKROTIK_BW",
"source_ip": "167.94.138.202",
"transport_fingerprint": {
"raw": "14280,64,true,MSTNW,1440,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "banner_grab",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "\u0006!fatal\rnot logged in\u0000",
"banner_hashes": [
"sha256:e043f7215b9c66699ecb2d82ca9bb1b1e4303c53a37526155804a9b850c9c776"
],
"banner_hex": "0621666174616c0d6e6f74206c6f6767656420696e00",
"discovery_method": "PREDICTIVE_METHOD_7",
"extended_service_name": "UNKNOWN",
"observed_at": "2025-01-13T01:55:10.145288215Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 8728,
"service_name": "UNKNOWN",
"source_ip": "199.45.154.137",
"transport_fingerprint": {
"raw": "14280,64,true,MSTNW,1440,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "banner_grab",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "\u0015\u0003\u0003\u0000\u0002\u0002(",
"banner_hashes": [
"sha256:c29a73f289598bf8a30a3e10ccfc7b981dd824f11838b3149c9a71cffe4670bd"
],
"banner_hex": "15030300020228",
"discovery_method": "PREDICTIVE_METHOD_7",
"extended_service_name": "UNKNOWN",
"observed_at": "2025-01-13T07:17:01.906262534Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 8729,
"service_name": "UNKNOWN",
"source_ip": "167.94.145.99",
"transport_fingerprint": {
"raw": "14280,64,true,MSTNW,1440,false,false"
},
"transport_protocol": "TCP",
"truncated": false
}
],
"location": {
"continent": "Asia",
"country": "India",
"country_code": "IN",
"city": "Path\u0101nkot",
"postal_code": "145001",
"timezone": "Asia/Kolkata",
"province": "Punjab",
"coordinates": {
"latitude": 32.27484,
"longitude": 75.65287
}
},
"location_updated_at": "2025-01-12T18:47:55.627909827Z",
"autonomous_system": {
"asn": 9829,
"description": "BSNL-NIB National Internet Backbone",
"bgp_prefix": "59.89.112.0/20",
"name": "BSNL-NIB National Internet Backbone",
"country_code": "IN"
},
"autonomous_system_updated_at": "2025-01-12T18:47:55.627976466Z",
"whois": {
"network": {
"handle": "BB-MULTIPLAY",
"name": "O/o DGM BB, NOC BSNL Bangalore",
"cidrs": [
"59.89.52.0/22",
"59.89.56.0/21",
"59.89.64.0/18",
"59.89.128.0/17"
],
"updated": "2021-07-15T00:00:00Z"
}
},
"operating_system": {
"uniform_resource_identifier": "cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "MikroTik",
"product": "RouterOS",
"other": {
"device": "Router"
}
},
"dns": {},
"last_updated_at": "2025-01-14T03:16:41.031Z",
"labels": [
"file-sharing",
"login-page",
"network.device"
]
}